Buoyed by massive illicit profits, cybercriminals have continued to refine their ransomware attacks, including updating their crypto techniques to foil decryption tools, encrypting file names and threatening to leak stolen secrets.
With growing risks of data breaches, Indian security leaders say it is critical to bring the new dangers of unreported breaches to the notice of practitioners at large. What will it take to spur such action?
The quantity and duration of distributed denial-of-service attacks continue to increase. The latest attacks are being launched via MySQL servers infected with Chikdos malware, as well as compromised Internet-connected CCTV systems, researchers say.
Symantec new Advanced Threat Protection solution aims at consolidating its key security offerings to enable organizations to remediate advanced threats effectively. Symantec's Kaura shares details, strategy in an interview.
Dr. A S Ramasastri, IDRBT's director, says the enterprise security leader's office needs to be strengthened and empowered to tackle new threats and growing cyber espionage with an appropriate risk-based strategy.
FBI Director James Comey's declaration that the Obama administration will not pursue legislation to require vendors to create a backdoor that would permit law enforcement to circumvent encryption on mobile devices isn't the end of the matter.
Reports that a Linux-based botnet has been lobbing 160 Gbps packet storms highlight how DDoS attacks remain alive and well. Experts also warn that DDoS attackers are mixing Windows and Linux malware and running extortion scams.
Policymakers must consider three factors before imposing sanctions in retaliation for state-backed hacks: Confidence in its attribution of responsibility, the impact of the incident and the levers of national power at a state's disposal.
International law enforcement agencies are warning banking institutions and businesses about extortion attacks being waged by an entity known as DD4BC, or DDoS for Bitcoin. They're advising organizations not pay any ransom and to notify their ISPs and law enforcement officials of any threats.
Lizard Squad, which markets the Lizard Stresser distributed denial-of-service attack tool, appears to have targeted the public-facing website of the U.K.'s National Crime Agency in retaliation for its recent DDoS-tool crackdown.
Extortionists and "free agent" rogue insiders have emerged as the top two most malicious cybercrime threats to banking institutions, says Gartner's Avivah Litan. How should institutions bolster their defenses?
Nothing says "you really screwed up" like receiving the Pwnie Award for "Most Epic Fail" at the annual Black Hat conference. Hence it's no surprise that in the wake of its mega breach, the win goes to the U.S. Office of Personnel Management.
The FBI says numerous financial services firms continue to face DDoS and stolen-data-dump threats from supposed hackers. Security experts say the only effective and sustainable defense is preparation - not payoffs.